The short answer is: You control who has access to the system.
We provide all of the functionality for your local site administrators to add, remove, and modify users in the system. They can also control the permissions and roles those users have, which controls what they can do within the system.
As a matter of policy, L2L staff does not add, remove, or modify users or permissions. We will redirect end-user requests through our support channels back to the local site administrators.
We do have the ability to integrate with your company's Active Directory, LDAP, or SAML servers to provide more centralized user management.
L2L Server Access:
For the purposes of support and maintenance, select members of the L2L Support and DevOps teams will have access to your servers. These individuals have passed background checks, signed a non-disclosure and confidential agreement, and are required to take security and privacy training on a regular basis. These individuals are all US citizens. These L2L users are required to use 2 factor or public key / private key authentication depending on the work being performed.
AWS Server Access:
We host our services within various regions in the Amazon Web Services Cloud (AWS) throughout the world. For US Government related workloads we also have access to the Amazon GovCloud. We work with our customers to locate their dedicated server infrastructure in regions based on proximity, data sovereignty requirements, and other regulatory constraints.
AWS employees don’t have logins or admin access to these servers. Leading2Lean controls all server login level access to these servers and requires public key / private key authentication. There are no AWS accounts provisioned. The disks themselves are encrypted, so even if an AWS employee who has past all of the background checks to work in one the many data centers within that AWS region could find the physical hardware our servers are on, they still wouldn’t be able to access the data or gain login access to the server. This is all part of the AWS security and compliance safeguards.
To read more about AWS security go to: